A Test-Based Incremental Security Certification Scheme for Cloud-Based Systems

被引：8

作者：

Anisetti, Marco ^{[1
]}

Ardagna, Claudio A. ^{[1
]}

Damiani, Ernesto ^{[1
]}

机构：

[1] DI Univ Milano, I-26013 Crema, Italy

来源：

2015 IEEE 12TH INTERNATIONAL CONFERENCE ON SERVICES COMPUTING (SCC 2015) | 2015年

关键词：

Cloud; Incremental security certification; Testing;

D O I：

10.1109/SCC.2015.104

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

We present a test-based assurance scheme aimed at incremental security certification. Our scheme assesses the impact of changes at cloud, system, and certification methodology levels on existing certification processes. The proposed solution minimizes the risk of unnecessary certificate revocation and reduces as much as possible the amount of re-certification activities. To this aim, it reuses evidence available in existing certificates to re-validate them when relevant changes are observed.

引用

页码：736 / 741

页数：6

共 50 条

[31] Cyber Security and Artificial Intelligence for Cloud-based Internet of Transportation Systems
Thuraisingham, Bhavani
[J]. 2020 7TH IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND CLOUD COMPUTING (CSCLOUD 2020)/2020 6TH IEEE INTERNATIONAL CONFERENCE ON EDGE COMPUTING AND SCALABLE CLOUD (EDGECOM 2020), 2020, : 8 - 10
[32] OpenID Connect as a Security Service in Cloud-based Diagnostic Imaging Systems
Ma, Weina
Sartipi, Kamran
Sharghi, Hassan
Koff, David
Bak, Peter
[J]. MEDICAL IMAGING 2015: PACS AND IMAGING INFORMATICS: NEXT GENERATION AND INNOVATIONS, 2015, 9418
[33] OpenID Connect as a security service in cloud-based medical imaging systems
Ma, Weina
Sartipi, Kamran
Sharghigoorabi, Hassan
Koff, David
Bak, Peter
[J]. JOURNAL OF MEDICAL IMAGING, 2016, 3 (02)
[34] Cloud-based Cyber Physical Systems: Design Challenges and Security Needs
Reddy, Yenumula B.
[J]. 2014 10TH INTERNATIONAL CONFERENCE ON MOBILE AD-HOC AND SENSOR NETWORKS (MSN), 2014, : 315 - 322
[35] Security Solutions in Cloud-based Healthcare Information Systems: A Systematic Review
Tabatabaei, Mohsen S.
Langarizadeh, Mostafa
Akbari, Mohammad K.
[J]. INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2018, 18 (09): : 57 - 64
[36] A dual privacy-preservation scheme for cloud-based eHealth systems
Wang, Xiaoliang
Bai, Liang
Yang, Qing
Wang, Liu
Jiang, Frank
[J]. JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2019, 47 : 132 - 138
[37] Test-based specifications of components and systems
Hamlet, Dick
[J]. USIC 2007: PROCEEDINGS OF THE SEVENTH INTERNATIONAL CONFERENCE ON QUALITY SOFTWARE, 2007, : 388 - 395
[38] Validating Security Protocols with Cloud-Based Middleboxes
Taylor, Curtis R.
Shue, Craig A.
[J]. 2016 IEEE CONFERENCE ON COMMUNICATIONS AND NETWORK SECURITY (CNS), 2016, : 261 - 269
[39] Security and availability techniques for cloud-based applications
[J]. Ballabio, G, 1600, Elsevier Ltd (2013):
[40] Security Automation for Cloud-Based IoT Platforms
Merzouki, Mheni
Mahmoudi, Charif
Bohn, Robert
Tunc, Cihan
[J]. 2019 INTERNATIONAL CONFERENCE ON INTERNET OF THINGS (ITHINGS) AND IEEE GREEN COMPUTING AND COMMUNICATIONS (GREENCOM) AND IEEE CYBER, PHYSICAL AND SOCIAL COMPUTING (CPSCOM) AND IEEE SMART DATA (SMARTDATA), 2019, : 1185 - 1191

← 1 2 3 4 5 →